Critical Alert 1 Active Exploit Detected Today

CVE-2026-28318 — SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability →

Powered by CVE Watchtower

×

Authentication Bypass

IBM WebSphere Security Advisory: Critical Vulnerabilities Uncovered IBM WebSphere execution flaws WebSphere security bulletin patches request smuggling patch WebSphere remote code execution Langflow OSS vulnerability remote code execution patch

IBM WebSphere execution flaws WebSphere security bulletin patches request smuggling patch WebSphere remote code execution Langflow OSS vulnerability remote code execution patch

IBM WebSphere Security Advisory: Critical Vulnerabilities Uncovered

Do Son June 5, 2026

Enterprise infrastructure administrators face an immediate deployment challenge. Specifically, multiple IBM WebSphere execution flaws threaten to compromise...

Critical Security Patch Resolves Flaw in NI SystemLink Enterprise SystemLink authentication bypass privilege escalation bug Cache Warmer RCE flaw Magento PHP object injection

SystemLink authentication bypass privilege escalation bug Cache Warmer RCE flaw Magento PHP object injection

Critical Security Patch Resolves Flaw in NI SystemLink Enterprise

Do Son June 4, 2026

Overview of the Severe Dashboard Flaw National Instruments released an urgent security advisory for its enterprise data...

Critical Apache Solr Security Flaw Exposes Clusters to Remote Takeover Apache Solr default credentials CVE-2026-44825 workaround CVE-2025-24814 & CVE-2025-24814

Apache Solr default credentials CVE-2026-44825 workaround CVE-2025-24814 & CVE-2025-24814

Critical Apache Solr Security Flaw Exposes Clusters to Remote Takeover

Do Son June 3, 2026

A high-severity Apache Solr default credentials vulnerability now threatens enterprise search infrastructure globally. Security researchers recently discovered...

Severe Casdoor Identity Platform Flaws Expose Corporate Networks Casdoor authentication bypass flaws cross organization privilege escalation

Casdoor authentication bypass flaws cross organization privilege escalation

Severe Casdoor Identity Platform Flaws Expose Corporate Networks

Do Son June 2, 2026

Security researchers recently discovered critical security gaps in a popular open-source platform. Specifically, multiple Casdoor authentication bypass...

PAN-OS Authentication Bypass Flaw Exploited in the Wild

PAN-OS authentication bypass flaw exploited in the wild

PAN-OS Authentication Bypass Flaw Exploited in the Wild

Do Son May 30, 2026

Serious Attacks Hit GlobalProtect VPN Gateways A dangerous security vulnerability is currently impacting enterprise perimeter networks across...

IBM Patches Critical Authentication Bypass in Engineering Platform IBM Jazz Foundation vulnerability

IBM Jazz Foundation vulnerability

IBM Patches Critical Authentication Bypass in Engineering Platform

Do Son May 28, 2026

IBM recently released an urgent security bulletin for its popular engineering solution. Specifically, the tech giant addressed...

Critical RCE Exploits Exposed: Apache OFBiz Patches Severe Authentication Bypass Flaws CVE-2022-25371 - CVE-2025-26865 Apache OFBiz RCE Vulnerability CVE-2026-45434 Authentication Bypass

CVE-2022-25371 - CVE-2025-26865 Apache OFBiz RCE Vulnerability CVE-2026-45434 Authentication Bypass

Critical RCE Exploits Exposed: Apache OFBiz Patches Severe Authentication Bypass Flaws

Do Son May 21, 2026

The Apache OFBiz project has released a critical security update to patch several important vulnerabilities affecting its...

Critical ZKTeco CCTV Flaw (CVE-2026-8598) Leaks Admin Credentials Without Authentication ZKTeco CCTV Vulnerability CVE-2026-8598 Patch

ZKTeco CCTV Vulnerability CVE-2026-8598 Patch

Critical ZKTeco CCTV Flaw (CVE-2026-8598) Leaks Admin Credentials Without Authentication

Do Son May 20, 2026

A newly disclosed, critical vulnerability in ZKTeco CCTV cameras is serving as a reminder that the devices...

Critical 9.8 CVSS: NVIDIA Triton Inference Server Authentication Bypass Threatens AI Workloads NVIDIA Driver Security Update CVE-2026-24187 Linux

NVIDIA Driver Security Update CVE-2026-24187 Linux

Critical 9.8 CVSS: NVIDIA Triton Inference Server Authentication Bypass Threatens AI Workloads

Do Son May 20, 2026

NVIDIA has released a software update for the NVIDIA Triton Inference Server to address a wave of...

CVSS 10 Alert: Quest KACE SMA Auth Bypass Exploited to Hijack Managed Endpoints Quest KACE SMA Vulnerability CVE-2025-32975 Exploit

Quest KACE SMA Vulnerability CVE-2025-32975 Exploit

CVSS 10 Alert: Quest KACE SMA Auth Bypass Exploited to Hijack Managed Endpoints

Do Son May 16, 2026

Cybersecurity researchers have just dropped a report on a critical “management plane” threat that has spent the...

No Password Required: 9.8 Severity ELECOM Router Flaws Allow Total Network Takeover ELECOM Router Vulnerability CVE-2026-42062 Command Injection

ELECOM Router Vulnerability CVE-2026-42062 Command Injection

No Password Required: 9.8 Severity ELECOM Router Flaws Allow Total Network Takeover

Do Son May 15, 2026

In a major security disclosure, JPCERT/CC has issued an urgent advisory regarding multiple high-severity vulnerabilities discovered in...

200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild Burst Statistics Authentication Bypass CVE-2026-8181 Exploit

Burst Statistics Authentication Bypass CVE-2026-8181 Exploit

200K Sites at Risk: 9.8 CVSS RCE via Burst Statistics Auth Bypass Exploited in the Wild

Do Son May 14, 2026

In a major discovery for the WordPress ecosystem, PRISM, Wordfence Threat Intelligence’s autonomous vulnerability research platform, has...

PraisonAI CVE-2026-44338 Exploited in the Wild Hours After Patch Disclosure PraisonAI Authentication Bypass Exploited in the Wild CVE-2026-44338

PraisonAI Authentication Bypass Exploited in the Wild CVE-2026-44338

PraisonAI CVE-2026-44338 Exploited in the Wild Hours After Patch Disclosure

Do Son May 13, 2026

A new report from the Sysdig Threat Research Team (TRT) reveals that on May 11, 2026, a...

Critical cPanel Auth Bypass CVE-2026-41940 Exploited by Thousands cPanel Authentication Bypass CVE-2026-41940 Exploitation

cPanel Authentication Bypass CVE-2026-41940 Exploitation

Critical cPanel Auth Bypass CVE-2026-41940 Exploited by Thousands

Do Son May 12, 2026

In the world of Linux server operations and virtual hosting management, cPanel & WHM is a cornerstone...

The Q1 2026 Exploit Surge: AI Discovers the Flaws, APTs Reap the Rewards

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

The Q1 2026 Exploit Surge: AI Discovers the Flaws, APTs Reap the Rewards

Do Son May 11, 2026

The first quarter of 2026 has set a blistering and volatile pace for the cybersecurity industry, marked...

Critical Collision Bug in Auth Library Merges All Patreon Users

Altium Enterprise Server Vulnerability CVE-2026-9129 Path Traversal Patreon OAuth Vulnerability Identity Collision DRC INSIGHT Vulnerability Exam Data Hijacking Horner Automation PLC Industrial Brute Force Honeywell IQ4x Vulnerability CVE-2026-3611 DJI Romo vacuum security flaw Python Cryptography Vulnerability CVE-2026-26007 Open5GS Vulnerability CVE-2026-0622 Vivotek IP7137 Vulnerabilities CVE-2025-66049 Forcepoint DLP Vulnerability CVE-2025-14026 Cellopoint Secure Email Gateway - CVE-2024-9043

Critical Collision Bug in Auth Library Merges All Patreon Users

Do Son May 4, 2026

A critical authentication vulnerability has been discovered in the popular auth library, a tool used by developers...

MOVEit Automation Alert: Critical Authentication Bypass Hits CVSS 9.8 MOVEit Automation Vulnerability CVE-2026-4670 CVE-2024-6670 & CVE-2024-6671 Progress WhatsUp Gold

MOVEit Automation Vulnerability CVE-2026-4670 CVE-2024-6670 & CVE-2024-6671 Progress WhatsUp Gold

MOVEit Automation Alert: Critical Authentication Bypass Hits CVSS 9.8

Do Son May 4, 2026

Progress Software has issued an urgent security bulletin for MOVEit Automation users, disclosing two significant vulnerabilities that...

Active Exploitation in the Wild: Critical Qinglong Bypasses Fuel Covert Cryptomining Campaign Qinglong Vulnerability Active Exploitation GhostGrab Hybrid Malware, Monero Mining

Qinglong Vulnerability Active Exploitation GhostGrab Hybrid Malware, Monero Mining

Active Exploitation in the Wild: Critical Qinglong Bypasses Fuel Covert Cryptomining Campaign

Do Son May 4, 2026

Security researchers at Snyk have issued a warning regarding active, in-the-wild exploitation of Qinglong (青龙), a widely...

40,000+ Sites Exposed: Critical 9.8 CVSS Flaw Grants Total WordPress Account Takeover WordPress Account Takeover CVE-2026-7567

WordPress Account Takeover CVE-2026-7567

40,000+ Sites Exposed: Critical 9.8 CVSS Flaw Grants Total WordPress Account Takeover

Do Son May 2, 2026

A security vulnerability has been identified in Temporary Login, a popular WordPress plugin designed to provide secure,...

44,000 IPs Hijacked: cPanel’s 9.8 CVSS Authentication Bypass Triggers Global Ransomware Surge cPanel Authentication Bypass CVE-2026-41940

cPanel Authentication Bypass CVE-2026-41940

44,000 IPs Hijacked: cPanel’s 9.8 CVSS Authentication Bypass Triggers Global Ransomware Surge

Do Son May 2, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning, adding a critical vulnerability in...